diff --git a/internal/utils/query/builder.go b/internal/utils/query/builder.go
index 82634b9..8c95cd5 100644
--- a/internal/utils/query/builder.go
+++ b/internal/utils/query/builder.go
@@ -1495,7 +1495,7 @@ func (qb *QueryBuilder) isValidExpression(expr string) bool {
 // This is a simplified check. A more robust solution might use a proper SQL parser library.
 // For now, we allow alphanumeric, underscore, dots, parentheses, and common operators.
 // For SQL Server, allow brackets [] and spaces for column names.
- allowedChars := "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_.,() *-/[]"
+ allowedChars := "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_.,() *-/[]'\"="
 for _, r := range expr {
 if !strings.ContainsRune(allowedChars, r) {
 return false
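Review bot: Adding `'`, `"` and `=` to `allowedChars` removes most of what this per-character allow-list guarded against, because an expression can now carry quoted string literals and comparisons, while `-`, `/`, `*`, spaces and parentheses were already accepted. If `expr` is concatenated into the generated SQL (inferred from the comments; the call sites and the rest of isValidExpression are outside the hunk), a character filter alone no longer constrains its structure. Prefer keeping quotes out of the list and passing literal values as bound parameters; if quoted literals must be accepted here, add a structural check after the loop unless one already exists, e.g. `if strings.Contains(expr, "--") || strings.Contains(expr, "/*") || strings.Count(expr, "'")%2 != 0 { return false }`. The comment above the changed line should also be updated, since it still describes the old character set and does not say why quotes and `=` are needed.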